RE: [fw-wiz] result question
From: Mike Hoskins (mike_at_adept.org)
Date: 08/29/03
- Previous message: Mike Hoskins: "[fw-wiz] Re: Setting up H323 IP telephony etc"
- Maybe in reply to: rmck: "[fw-wiz] result question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: firewall-wizards@honor.icsalabs.com Date: Thu, 28 Aug 2003 17:35:55 -0700 (PDT)
Subject: RE: [fw-wiz] result question
Date: Thu, 28 Aug 2003 15:09:26 -0400
From: "Whiteside, Larry [contractor]" <BAE14@SPHQ.SSP.NAVY.MIL>
To: "rmck" <rmckeever@earthlink.net>,
<firewall-wizards@honor.icsalabs.com>
> assuming that the port is open because there is no response. Doing UDP =
> scans with NMAP, it wants to see a TCP reset or something to tell NMAP =
> that it is closed. I am not sure what response it is looking for doing a
> FIN scan, but it is probably something similar.
UDP wants ICMP type 3. FIN wants RST. that's all in nmap(1). UDP scans
are more useless than normal if you're blocking all ICMP somewhere along
the line. but don't do that, you'll break PMTUD.
-mrh
-- From: "Spam Catcher" <spam-catcher@adept.org> To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Mike Hoskins: "[fw-wiz] Re: Setting up H323 IP telephony etc"
- Maybe in reply to: rmck: "[fw-wiz] result question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
